NAME

afclient - active port forwarder client

SYNOPSIS

afclient[options]-nservername-pportnum

DESCRIPTION

Afclient is a port forwarding program designed to be efficient and easy
to use. It connects to afserver to listenport (default listenport is
50126) and after a successful authorization afclient redirects all the
data to the specified destination host:port.

EXAMPLES

afclient-nservername-p22
program connects to servername:50126 and redirects data to local port
22 (becomes a daemon)
afclient-nservername-p22-v
the same as above, but verbose mode is enabled (program won't enter
daemon mode)
afclient-nservername-r
program connects to servername:50126 in remote administration mode

OPTIONS

Basicoptions-n,--servernameNAME
name of the host, where afserver is running (required)
-m,--manageportPORT
manage port number - server must be listening on it (default: 50126)
-d,--hostnameNAME
the name of this host/remote host - the final destination of the
packets (default: the name returned by hostname function)
-p,--portnumPORT
the port we are forwarding connection to (required)
--localnameNAME
local machine name for connection with afserver (used to bind socket
to different interfaces)
--localportNAME
local port name for connection with afserver (used to bind socket to
different addressees)
--localdesnameNAME
local machine name for connections with destination application (used
to bind socket to different interfaces)
-V,--version
display version number
-h,--help
prints help screen
Authorization-i,--idSTRING
sends the id string to afserver
--passPASSWORD
set the password used for client identification (default: no
password)
--ignorepkeys
ignore invalid server's public keys
Configuration-k,--keyfileFILE
the name of the file with RSA key (default: client.rsa)
-c,--cerfile
the name of the file with certificate (default: no certificate used)
-f,--cfgfileFILE
the name of the file with the configuration for the afclient-s,--storefile
the name of the file with stored public keys (default: known_hosts)
-D,--dateformatFORMAT
format of the date printed in logs (see 'man strftime' for details)
(default: %d.%m.%Y %H:%M:%S)
-K,--keep-aliveN
send keepalive packets every N seconds (default: not send keepalive
packets)
Auto-reconnection--ar-start
enable auto-reconnection when afserver is not reachable on start
(default: disabled)
--ar-quit
enable auto-reconnection after normal afserver quit (default:
disabled)
--noar
disable auto-reconnection after premature afserver quit (default:
enabled)
-A,--ar-triesN
try N times to reconnect (default: unlimited)
-T,--ar-delayN
wait N seconds between reconnect tries (default: 5)
Modes-u,--udpmode
udp mode - client will use udp protocol to communicate with the
hostname:portnum
-U,--reverseudp
reverse udp forwarding. Udp packets will be forwarded from
hostname:portnum to the server name:manageport
-r,--remoteadmin
remote administration mode. (using '-p PORT' will force afclient to
use port rather than stdin-stdout)
Logging-o,--logLOGCMD
log choosen information to file/socket
-v,--verbose
to be verbose - program won't enter the daemon mode (use several
times for greater effect)
IPfamily-4,--ipv4
use ipv4 only
-6,--ipv6
use ipv6 only
Modules-l,--load
load a module for user's packets filtering
-L,--Load
load a module for service's packets filtering
HTTP/HTTPSPROXY-S,--use-https
use https proxy instead of http proxy
-P,--proxyname
the name of the machine with proxy server
-X,--proxyport
the port used by proxy server (default: 8080)
-C,--pa-credU:P
the user (U) and password (P) used in proxy authorization
-B,--pa-t-basic
the Basic type of proxy authorization (default)

REMOTEADMINISTRATION

Remote administration mode is enabled by '-r,--remoteadmin' option.
Required options: '-n,--servernameNAME'
After successful authorization stdin/stdout are used to communicate
with user. All the commands parsing is done by afserver. Commands
guaranteed to be available:
help
display help
lcmd
lists available commands
quit
quit connection
For list of all available commands take a look at afserver(1).
When '-p,--portnumPORT' is used, afclient listens for connection from
user at NAME:PORT. NAME is set by '-d,--hostname' option or hostname()
function, when the option is missing.
When user quits (close the connection or send 'quit' command), afclient
exits.

LOGCMDFORMAT

LOGCMD has the following synopsis: target,description,msgdesc
Where target is file or sockdescription is filename or host,port
and msgdesc is the subset of:
LOG_T_ALL,LOG_T_USER,LOG_T_CLIENT,LOG_T_INIT,LOG_T_MANAGE,LOG_T_MAIN,LOG_I_ALL,LOG_I_CRIT,LOG_I_DEBUG,LOG_I_DDEBUG,LOG_I_INFO,LOG_I_NOTICE,LOG_I_WARNING,LOG_I_ERR
written without spaces.
Example:
file,logfile,LOG_T_USER,LOG_T_CLIENT,LOG_I_INFO,LOG_I_NOTICE